Get in Touch

Course Outline

Foundations of Information Security in Public Institutions

  • Core security principles and their importance in government organizations.
  • The CIA triad (Confidentiality, Integrity, and Availability) in daily operations.
  • Common threats facing public sector information and digital services.

Governance, Policies, and Responsibilities

  • Security governance within an institutional context.
  • Roles and responsibilities of managers, users, IT teams, service owners, and suppliers.
  • Policies, standards, procedures, and accountability mechanisms.

Risk Management for Information and Services

  • Identifying assets, threats, vulnerabilities, and potential business impacts.
  • Conducting basic risk assessments and prioritizing risks.
  • Selecting appropriate treatments and controls.

Information Classification and Data Protection

  • Classifying institutional information based on sensitivity and intended use.
  • Safeguarding documents, records, databases, and shared files.
  • Best practices for storage, transfer, retention, and secure disposal.

Identity and Access Management

  • Fundamentals of user accounts, authentication, and authorization.
  • Principles of least privilege, separation of duties, and access reviews.
  • Managing access requests, modifications, and revocation processes.

Secure Use of Systems and Digital Services

  • Secure usage of email, web systems, remote access, and shared platforms.
  • Common user errors and strategies to avoid them.
  • Practical measures for enhancing daily operational security.

IT Service Management Basics and Security Integration

  • The relationship between IT services and information security.
  • Security considerations throughout service design, delivery, and support phases.
  • Managing service requests, incidents, changes, and basic service documentation.

Incident Handling and Service Continuity

  • Recognizing security incidents and service disruptions.
  • Steps for reporting, escalation, containment, communication, and recovery.
  • Backups, recovery planning, and maintaining availability during disruptions.

Security Awareness, Compliance, and Improvement

  • Identifying phishing, social engineering attacks, and unsafe behaviors.
  • Aligning activities with institutional policies, audit requirements, and regulatory expectations.
  • Monitoring controls and identifying actionable improvement steps.

Practical Workshop and Action Planning

  • Reviewing a scenario related to public sector security and service management.
  • Identifying risks and proposing improvements for services and security.
  • Developing an action plan tailored to participants' specific areas of responsibility.

Requirements

  • A foundational understanding of IT concepts, office systems, and institutional information handling procedures.
  • Practical experience using information systems, email, shared files, and online services in daily operations.
  • No prior programming experience is necessary.

Target Audience

  • Public sector employees who use, manage, or oversee digital information and services.
  • IT staff, system administrators, and service management personnel employed by government institutions.
  • Managers, coordinators, auditors, and compliance officers responsible for digital security and service quality.
 14 Hours

Number of participants


Price per participant

Testimonials (3)

Upcoming Courses

Related Categories